Pierangelo Masarati
f87e6270d4
improve previous commit
2006-05-14 17:53:40 +00:00
Pierangelo Masarati
0c2c3ea7e1
typo in previous commit
2006-05-14 17:34:18 +00:00
Pierangelo Masarati
0c33c17bb5
"single-conn" forces flushing of existing conns during rebind on same conn (ITS#4546)
2006-05-14 17:32:15 +00:00
Pierangelo Masarati
3393b15594
cleanup resource release
2006-05-14 15:11:53 +00:00
Pierangelo Masarati
42ab45aed2
fix warning message
2006-05-09 20:32:25 +00:00
Pierangelo Masarati
373ded8d24
add URI list resorting feature (ITS#4524)
2006-05-06 16:15:25 +00:00
Pierangelo Masarati
401b211d98
touch idle-timeout HAVE_TLS odds; silence warning #ifndef HAVE_TLS
2006-05-06 10:50:13 +00:00
Pierangelo Masarati
470fda7744
cleanup version parsing
2006-05-06 10:42:29 +00:00
Pierangelo Masarati
3b5d411af2
fix idassert "override"
2006-05-01 22:54:07 +00:00
Pierangelo Masarati
4d894c7d24
don't idassert if proxyAuthz == boundDN (ITS#4497)
2006-04-21 21:07:31 +00:00
Pierangelo Masarati
e01743193d
more coverity issues
2006-04-14 00:17:27 +00:00
Hallvard Furuseth
7a19d8855d
Remove useless assert: unsigned lc->lc_refcnt >= 0
2006-04-13 22:20:55 +00:00
Pierangelo Masarati
bd8514fb1e
address protocol version issues (ITS#4488)
2006-04-13 16:20:00 +00:00
Kurt Zeilenga
eb9a3c1876
unifdef -DSLAP_ACL_HONOR_DISCLOSE
...
unifdef -DSLAP_ACL_HONOR_MANAGE
unifdef -DSLAP_OVERLAY_ACCESS
unifdef -DSLAP_ORDERED_PRETTYNORM
unifdef -DSLAP_AUTHZ_SYNTAX
Move LDAP_COLLECTIVE_ATTRIBUTES, LDAP_COMP_MATCH, and LDAP_SYNC_TIMESTAMP
back behind LDAP_DEVEL (as these either too experimental or not yet
implemented).
2006-04-12 05:53:26 +00:00
Pierangelo Masarati
666e0677ca
re-fix previous commit
2006-04-08 15:59:59 +00:00
Pierangelo Masarati
3d13b08a44
fix network-timeout commit
2006-04-08 14:45:45 +00:00
Pierangelo Masarati
cc8109db06
fix previous commit
2006-04-08 14:45:19 +00:00
Pierangelo Masarati
0500576056
add support for old proxyAuthz encoding; allow to workaround buggy implementations of the new version (now RFC4370)
2006-04-08 11:12:30 +00:00
Pierangelo Masarati
6a293c65b3
line up network-timeout with back-meta
2006-04-07 09:08:37 +00:00
Pierangelo Masarati
8c1b8d3f7b
actually, if a connection is already in the AVL tree, use it if not binding; otherwise use a tainted one; taint connections that must be freed when refcnt goes to zero
2006-04-07 01:28:56 +00:00
Kurt Zeilenga
45d0479d37
Reverse last commit. Wrong tree.
2006-04-05 00:40:53 +00:00
Kurt Zeilenga
31d64d4642
No LogTest in re23
2006-04-05 00:39:46 +00:00
Howard Chu
fc61aab12b
plug leak
2006-04-04 10:31:01 +00:00
Pierangelo Masarati
070c9d9f07
make sure rs->sr_err is fine
2006-04-03 00:33:34 +00:00
Hallvard Furuseth
b2f79aa42e
Initialize and destroy lc_lai.lai_mutex
2006-04-02 23:47:13 +00:00
Hallvard Furuseth
581c1ff6c7
Cast ctype.h char arguments to unsigned char
2006-04-01 23:44:42 +00:00
Pierangelo Masarati
02966c3d1c
fix handling of expired connections (ITS#4429; need to look at back-meta as well)
2006-03-29 01:26:42 +00:00
Pierangelo Masarati
bacd1f170f
leave existing controls in place if proxyAuthz is not required by idassert (ITS#4457)
2006-03-28 21:45:54 +00:00
Pierangelo Masarati
e673b4d9ad
propagate pretty DN (ITS#4456)
2006-03-28 19:20:01 +00:00
Pierangelo Masarati
0a465343fb
cleanup
2006-03-27 00:31:38 +00:00
Pierangelo Masarati
1418b2c5b1
fix previous commit: actually free the connection in case of failed bind
2006-03-25 01:12:27 +00:00
Pierangelo Masarati
fd5208c18f
destroy bind connection after failed bind (ITS#4428)
2006-03-25 00:33:42 +00:00
Pierangelo Masarati
00073c8cac
fix operational attrs return with chain overlay (ITS#4431); misc cleanup
2006-03-24 22:49:51 +00:00
Pierangelo Masarati
3160c03dab
cleanup previous commit
2006-03-23 23:01:14 +00:00
Pierangelo Masarati
3437406a0b
honor "chase-referrals no" (ITS#4447)
2006-03-23 21:01:19 +00:00
Pierangelo Masarati
3861c47316
queue implicit binds (ITS#4409)
2006-03-03 16:27:00 +00:00
Pierangelo Masarati
fa72882808
fix error message
2006-02-16 01:10:45 +00:00
Kurt Zeilenga
cbc11c9233
unifdef -DLDAP_NULL_IS_NULL
2006-02-14 23:18:12 +00:00
Pierangelo Masarati
f4c578cb31
delete all conns cached for a single client->proxy connection (partially addresses ITS#4387)
2006-02-06 21:39:56 +00:00
Pierangelo Masarati
f0d6ac3e0b
debug cleanup
2006-02-04 15:50:22 +00:00
Pierangelo Masarati
54aefe30f7
implement proxy long-lived connection TTL
2006-02-01 23:10:12 +00:00
Pierangelo Masarati
e393f47465
allow slapo-chain to be instantiated without any specific config statement...
2006-01-13 10:41:54 +00:00
Pierangelo Masarati
7124ec615e
make sure appropriate limits are in place (ITS#4336)
2006-01-12 22:48:02 +00:00
Pierangelo Masarati
7038044c91
in abnormal cases, error may be sent twice
2006-01-11 15:32:34 +00:00
Pierangelo Masarati
0dce854ce4
complete fix to back-ldap (ITS#4315?); not sure dobind should actually be treated as a bind...
2006-01-11 12:11:59 +00:00
Pierangelo Masarati
7368ffb77a
don't idassert anon2anon (ITS#4321)
2006-01-10 13:17:31 +00:00
Pierangelo Masarati
f3c2c7ba48
use slab memory for proxyauthz
2006-01-09 20:00:51 +00:00
Pierangelo Masarati
543c588772
don't send error with back-meta
2006-01-09 15:13:29 +00:00
Pierangelo Masarati
6995603a3d
refine fix to ITS#4315; apply it to back-meta as well
2006-01-09 14:20:37 +00:00
Howard Chu
8538223def
TS#4315 fix prev commit, spinning in ldap_back_dobind
2006-01-09 09:37:52 +00:00
Howard Chu
2b39a26150
ITS#4315 fix bind concurrency issue
2006-01-09 09:14:53 +00:00
Pierangelo Masarati
18beda81a0
allow proxying of dynamic objects (irrespective of the support provided to dynamic objects)
2006-01-06 16:33:14 +00:00
Pierangelo Masarati
62497187c7
cleanup
2006-01-06 16:31:07 +00:00
Kurt Zeilenga
acbb5cf689
Happy new year!
2006-01-03 23:11:52 +00:00
Pierangelo Masarati
c67c99e3bd
clarify generated password issue
2006-01-02 16:20:39 +00:00
Pierangelo Masarati
fc358465d7
allow generic exops to slip thru
2006-01-02 08:19:35 +00:00
Pierangelo Masarati
8c2ceeb605
don't idassert anonymous unless explicitly configured (ITS#4272)
2005-12-20 20:43:14 +00:00
Pierangelo Masarati
96dd70da28
fix memory handling
2005-12-16 16:19:17 +00:00
Pierangelo Masarati
4538422dc9
better handling of internal operations
2005-12-15 13:47:25 +00:00
Pierangelo Masarati
430aff35bb
assume operations with version set to 0 are internal, and use LDAPv3
2005-12-15 11:39:46 +00:00
Pierangelo Masarati
fcda57e90f
use macros instead of numbers...
2005-12-13 20:11:26 +00:00
Pierangelo Masarati
1b42fde372
implement (per-target) per-conn proxy-side idle-timeout (ITS#4115); revitalize (per-target) network-timeout in back-meta; fix issue with connection initialization error in ldap_back_retry(); cleanup configuration of back-ldap
2005-12-07 17:35:02 +00:00
Pierangelo Masarati
2ea72234aa
return more appropriate error code
2005-12-06 20:04:52 +00:00
Pierangelo Masarati
52a827466a
fix previous commit
2005-11-28 10:38:01 +00:00
Pierangelo Masarati
4fe032e9be
add very preliminary support for <draft-sermersheim-ldap-distproc>
2005-11-27 23:23:59 +00:00
Pierangelo Masarati
26a83119fd
cleanup
2005-11-27 23:19:17 +00:00
Pierangelo Masarati
1e01082e10
s/chain-cache-uris/chain-cache-uri/
2005-11-27 23:18:47 +00:00
Pierangelo Masarati
b3c8a976ec
use LDAP_SIZELIMIT_EXCEEDED; rework the return values of slap_send_search_entry(); silence a few warnings
2005-11-25 22:17:24 +00:00
Pierangelo Masarati
ea83f6a669
check sizelimit in frontend (ITS#4213)
2005-11-25 00:28:33 +00:00
Pierangelo Masarati
d34fffcaf9
use lutil_ato*() whenever appropriate
2005-11-24 01:10:05 +00:00
Hallvard Furuseth
6b93c656a1
Fix olcChainConfig definition when !LDAP_CONTROL_X_CHAINING_BEHAVIOR
2005-11-23 10:49:47 +00:00
Pierangelo Masarati
64156a68b2
fix dumb var initialization
2005-11-20 19:55:07 +00:00
Pierangelo Masarati
4c92090e87
fix compilation when the chaining control is undefined
2005-11-20 19:28:03 +00:00
Pierangelo Masarati
4852bf8a58
don't care about empty matched/text #ifdef LDAP_NULL_IS_NULL
2005-11-20 01:59:26 +00:00
Pierangelo Masarati
754e59543d
cleanup
2005-11-20 01:39:19 +00:00
Pierangelo Masarati
fbb31b58a1
yet another fix to previous commit
2005-11-20 00:29:35 +00:00
Pierangelo Masarati
b85b28275f
fix previous commit
2005-11-20 00:08:50 +00:00
Pierangelo Masarati
d71a3add92
fix typo in write timeouts argnumbers
2005-11-19 23:23:18 +00:00
Pierangelo Masarati
5bd95600de
allow the chain overlay and the underlying databases to be loaded via back-config
2005-11-19 23:22:50 +00:00
Pierangelo Masarati
39d721504a
plug one-time leaks
2005-11-19 18:44:54 +00:00
Pierangelo Masarati
6d7689b7e3
check we don't exceed userland with config param bits
2005-11-19 18:01:28 +00:00
Pierangelo Masarati
3e7fd464dc
streamline back-ldap/slapo-chain configuration; add the possibility to cache non-configured, anonymous referral URIs
2005-11-19 17:48:33 +00:00
Pierangelo Masarati
7fa4b159bf
fix dangling resources issue in slapd-ldap; completely rework slapo-chain to fix the resource leak/concurrency issue; add support for multiple well-known URIs to set credentials for, and deal with unknown URIs anonymously; similar reworking and cleanup for slapd-meta
2005-11-19 15:00:50 +00:00
Pierangelo Masarati
dd2afd3e3e
refine previous commit...
2005-11-16 14:20:45 +00:00
Pierangelo Masarati
917b77fff1
fix matched handling of slapd-ldap/slapo-chain (ITS#4176)
2005-11-16 14:17:19 +00:00
Pierangelo Masarati
78bd3bf6a3
handle LDAPv2 when returning timelimit; silence warning
2005-11-11 09:54:07 +00:00
Pierangelo Masarati
93abd4c616
cannot happen...
2005-11-09 12:58:57 +00:00
Pierangelo Masarati
4cab386d13
backport write operation timeouts from back-meta to back-ldap; minor cleanup & silence warnings
2005-11-06 23:29:10 +00:00
Pierangelo Masarati
1ec4cf7bba
add a giant mutex around the ldapinfo structure to serialize chaining (need to check for deadlocks...)
2005-11-04 01:42:11 +00:00
Pierangelo Masarati
d3a2a42e85
fix previous commit (addresses ITS#4139)
2005-11-03 21:48:46 +00:00
Pierangelo Masarati
2a24cbb5e8
don't leak text/matched
2005-11-03 11:58:06 +00:00
Kurt Zeilenga
ecd86725f2
Update result code to IANA-assigned values
...
Provide some backwards compatibility.
Misc cleanup
2005-11-03 01:27:07 +00:00
Pierangelo Masarati
7146f4e21f
don't leak matchedDN
2005-11-01 16:47:17 +00:00
Pierangelo Masarati
4744733638
don't copy o_ndn into lc_bound_ndn, otherwise we end up in a bind with DN but no password\!
2005-10-14 23:25:57 +00:00
Pierangelo Masarati
37f4e80929
hide unused member (will likely be removed)
2005-09-24 18:46:01 +00:00
Pierangelo Masarati
112be0118e
cleanup states/timeout handling in back-ldap/meta; add connection pooling and defer of pseudoroot bind to back-meta
2005-09-24 18:39:26 +00:00
Pierangelo Masarati
fb3fc81c7e
improved authz_backend detection for internal databases (ITS#4018)
2005-09-10 09:56:29 +00:00
Pierangelo Masarati
866148810e
release resources (ITS#4016)
2005-09-09 02:37:38 +00:00
Pierangelo Masarati
4687de2062
fix typo (ITS#4005)
2005-09-06 15:17:07 +00:00
Pierangelo Masarati
7fd7001fc2
fix old erroneous commit (ITS#4001)
2005-09-04 19:21:39 +00:00
Pierangelo Masarati
bac1aea2a5
fix previous commit
2005-08-29 09:48:07 +00:00
Pierangelo Masarati
97600bf23c
prettify matchedDN; return response code
2005-08-27 19:20:31 +00:00
Howard Chu
5a03f7611f
Fix for Windows mod compatibility, imported symbols cannot be used as
...
constant initializers.
2005-08-26 02:17:13 +00:00
Pierangelo Masarati
6cb8b14435
allow undefined attrs to be "proxied" (ITS#3959)
2005-08-25 21:14:26 +00:00
Pierangelo Masarati
075220dd7e
need some minimal timeout otherwise strange issues occur
2005-08-22 18:14:41 +00:00
Pierangelo Masarati
15d1b4d5dd
cleanup locking
2005-08-20 19:00:56 +00:00
Pierangelo Masarati
11211d0dae
strip entryDN from search entries; frontend will reattach it :(
2005-08-18 11:26:29 +00:00
Pierangelo Masarati
557f5eb2ca
allow noUserMod attrs write proxying when manageDIT is set (still to work in frontend for add)
2005-08-17 19:40:02 +00:00
Pierangelo Masarati
5873048347
fix return code (prevents clean usage of back-ldap for internal searchs)
2005-08-17 19:38:36 +00:00
Pierangelo Masarati
ecd99b83dd
set "matched" as appropriate (ITS#3942)
2005-08-17 08:13:24 +00:00
Hallvard Furuseth
a0b5f5138b
Remove unused label "error_return"
2005-08-16 19:45:50 +00:00
Hallvard Furuseth
9873eb7ab0
Add missing Statslog() statements (loglevel stats/stats2):
...
"ABANDON", "STARTTLS", "CANCEL", "WHOAMI", "PASSMOD", "EXT", "INTERM",
"TLS established", SASL and Extended Response "RESULT".
In Statslog output "conn=xx fd=yy closed", append the reason in
"()" unless client or server closed the connection after Unbind.
Still missing Statslog output from a number of failed requests.
2005-08-14 00:14:58 +00:00
Pierangelo Masarati
7b9173d0bb
should compile also when #undef HAVE_TLS
2005-08-12 10:51:39 +00:00
Pierangelo Masarati
a23466f64a
should compile also when #undef HAVE_TLS
2005-08-12 10:49:55 +00:00
Pierangelo Masarati
d10250d9f6
add authzSyntax for authzTo/authzFrom attributes; add X-ORDERED 'VALUES' if support for ordered_value_{validate,pretty,normalize} is present; exploit normalization in slap_parseURI (only #ifdef LDAP_DEVEL)
2005-08-11 23:52:17 +00:00
Pierangelo Masarati
c6e2a69f27
fix tls propagation, including rebind
2005-08-11 16:01:24 +00:00
Pierangelo Masarati
468e03a655
plug more leaks
2005-08-07 12:55:15 +00:00
Pierangelo Masarati
fa27310d77
use trylock only where necessary
2005-08-07 00:35:11 +00:00
Pierangelo Masarati
4ed743cc84
remove unrequired member; address ITS#3913
2005-08-02 22:48:30 +00:00
Pierangelo Masarati
9da3dbf3c8
more fixes to parsing of (deprecated) config directives (ITS#3915)
2005-08-02 22:21:44 +00:00
Pierangelo Masarati
4148ddc31f
save 1 function call...
2005-08-02 08:13:16 +00:00
Pierangelo Masarati
c8a5fd2df2
fix various leaks
2005-08-01 23:32:14 +00:00
Luke Howard
6f0edd6c22
Call slap_mods2entry() in do_add(), so that global overlays (including
...
global SLAPI plugins) have access to op->ora_e.
Note that slap_mods2entry() is still called in fe_op_add() in order to
add any operational attributes.
2005-07-31 04:56:27 +00:00
Pierangelo Masarati
d921f216ac
fix referrals handling (needs work)
2005-07-30 16:25:18 +00:00
Pierangelo Masarati
aace773cb6
more table-driven config cleanup
2005-07-29 01:00:48 +00:00
Hallvard Furuseth
397d7171c0
Silence unused variable warnings with #ifdef LDAP_CONTROL_X_CHAINING_BEHAVIOR
2005-07-27 08:44:11 +00:00
Pierangelo Masarati
111f5fdc5c
more fixes to back-ldap runtime configuration (ITS#3895)
2005-07-26 00:11:11 +00:00
Pierangelo Masarati
a91ebfac79
plug leaks
2005-07-25 20:47:39 +00:00
Pierangelo Masarati
3e84f692aa
there might definitely be concurrency issues, but it's not pooled connections' fault
2005-07-23 22:03:35 +00:00
Pierangelo Masarati
e810105f87
(mostly) reverting previous commit (overconservative)
2005-07-23 22:02:12 +00:00
Pierangelo Masarati
796316bc84
strengthen concurrency protection
2005-07-23 19:39:51 +00:00
Pierangelo Masarati
bea2e5494c
reverse logic (chasing a dangling pointer...)
2005-07-23 19:38:57 +00:00
Hallvard Furuseth
4a57978a4b
'#if 0' out variables used only in #if 0. Fix '#if 0'-ed out counting loops.
2005-07-22 13:21:10 +00:00
Pierangelo Masarati
4be9f57b29
more on leaks & small fixes to unparsing
2005-07-22 03:23:58 +00:00
Pierangelo Masarati
6adfb5dd2f
note an issue
2005-07-22 03:23:26 +00:00
Pierangelo Masarati
1ac6bf4d1d
fix back-ldap unparsing
2005-07-22 02:29:49 +00:00
Pierangelo Masarati
51346cfa68
fix ITS#3862
2005-07-18 21:32:31 +00:00
Hallvard Furuseth
81ecb0b153
assert expects int. (int)<nonnull ptr/long> can be 0. Use assert(arg!=0/NULL).
2005-07-18 06:22:33 +00:00
Hallvard Furuseth
0cc537e6f1
Declare ldap_back_init_cf().
2005-07-17 12:06:09 +00:00
Pierangelo Masarati
681a547e13
fix potential deadlock
2005-07-04 22:41:27 +00:00
Pierangelo Masarati
982981d465
fix potential deadlock; improve idassert in case of authzFrom rules (new flag values); rootdn can always idassert
2005-07-03 23:27:56 +00:00
Pierangelo Masarati
1aaa18b180
more on ITS#3808
2005-06-29 18:16:29 +00:00
Pierangelo Masarati
9e811df052
seems to definitely fix issues related to ITS#3808
2005-06-29 16:38:09 +00:00
Pierangelo Masarati
cbe9c74675
return LDAP_SUCCESS if Start TLS failed but was not critical
2005-06-29 12:38:18 +00:00
Pierangelo Masarati
671b02f748
more on ITS#3808
2005-06-29 12:28:40 +00:00
Pierangelo Masarati
196af0e056
(partial?) fix ITS#3808
2005-06-29 11:44:11 +00:00
Pierangelo Masarati
c7c572f883
fix ITS#3785: do our best to deal with invalid filters...
2005-06-16 19:27:03 +00:00
Pierangelo Masarati
e12c4ca230
preemptive time limit check in proxy backends
2005-06-13 19:14:40 +00:00
Kurt Zeilenga
43ffb3f235
Fix -ULDAP_DEVEL build
2005-06-03 22:13:27 +00:00
Kurt Zeilenga
da9732a766
fix -ULDAP_DEVEL compile
2005-06-03 21:52:54 +00:00